package cn.zwx.security.example.controller;

import cn.zwx.security.example.entity.SysUserEntity;
import cn.zwx.security.example.entity.extend.SelfUserEntity;
import cn.zwx.security.example.service.SysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.security.PermitAll;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * @description:
 * @projectName:spring-boot-security-example
 * @see:cn.zwx.security.example.controller
 * @author:zhangwenxue
 * @createTime:2021/6/23 21:19
 * @version:1.0
 */
@RestController
public class UserController {

    @Autowired
    private SysUserService sysUserService;

   /**
    * @description 拥有ADMIN或者USER角色可以访问
    * @return org.springframework.http.ResponseEntity
    * @author zhangwenxue
    * @createTime 2021/6/23 21:47
    **/
//    @PermitAll
    @PreAuthorize("hasAnyRole('ADMIN','USER')")
    @RequestMapping(value = "/info",method = RequestMethod.POST)
    public ResponseEntity userLogin(){
        Map<String,Object> result = new HashMap<>();
        SelfUserEntity userDetails = (SelfUserEntity) SecurityContextHolder.getContext().getAuthentication() .getPrincipal();
        result.put("title","用户端信息");
        result.put("data",userDetails);
        return ResponseEntity.ok(userDetails);
    }

   /**
    * @description 拥有ADMIN角色可以访问
    * @return org.springframework.http.ResponseEntity
    * @author zhangwenxue
    * @createTime 2021/6/23 21:47
    **/
    @PreAuthorize("hasRole('ADMIN')")
    @RequestMapping(value = "/list",method = RequestMethod.POST)
    public ResponseEntity list(){
        Map<String,Object> result = new HashMap<>();
        List<SysUserEntity> sysUserEntityList = sysUserService.list();
        return ResponseEntity.ok(sysUserEntityList);
    }

   /**
    * 拥有sys:user:info权限可以访问
    * hasPermission 第一个参数是请求路径 第二个参数是权限表达式
    * @return org.springframework.http.ResponseEntity
    * @author zhangwenxue
    * @createTime 2021/6/23 21:47
    **/
   @PreAuthorize("hasPermission('/menu/list','sys:menu:list')")
    @RequestMapping(value = "/menu/list",method = RequestMethod.POST)
    public ResponseEntity getMenuList(){
        return ResponseEntity.ok("拥有sys:user:info权限可以访问 " +
                "hasPermission 第一个参数是请求路径 第二个参数是权限表达式");
    }

   /**
    * 拥有sys:user:info权限可以访问 和 admin就是才有权限
    * hasPermission 第一个参数是请求路径 第二个参数是权限表达式
    * @return org.springframework.http.ResponseEntity
    * @author zhangwenxue
    * @createTime 2021/6/23 21:47
    **/
   @PreAuthorize("hasPermission('/test/info','sys:user:info') and hasRole('ADMIN')")
    @RequestMapping(value = "/test/info",method = RequestMethod.POST)
    public ResponseEntity testInfo(){
        return ResponseEntity.ok("拥有sys:user:info权限 " +
                "并且是 Admin角色的啊也可访问");
    }
}
